CN103595731A - System and method for protecting account security - Google Patents
System and method for protecting account security Download PDFInfo
- Publication number
- CN103595731A CN103595731A CN201310628750.9A CN201310628750A CN103595731A CN 103595731 A CN103595731 A CN 103595731A CN 201310628750 A CN201310628750 A CN 201310628750A CN 103595731 A CN103595731 A CN 103595731A
- Authority
- CN
- China
- Prior art keywords
- software
- mobile terminal
- specific software
- described specific
- characteristic information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Telephonic Communication Services (AREA)
Abstract
The invention provides a mobile terminal which comprises a requesting unit, a judging unit and a detecting unit. The requesting unit is configured to request feature information of specific software from a server when the specific software installed on the mobile terminal is started. The judging unit is configured to receive the feature information of the specific software from the server and judge whether the specific software is copyrighted software or not according to the feature information. The detecting unit is configured to detect whether network environments and the mobile terminal are safe or not if the specific software is the copyrighted software. The invention further provides the server which comprises a receiving unit and a sending unit. The receiving unit is configured to receive the request for the feature information of the specific software installed in the mobile terminal from the mobile terminal. The sending unit is configured to send the feature information of the specific software to the mobile terminal. The invention further provides a method executed by the mobile terminal and the server. According to the mobile terminal, the server and the method, real-time protection over software accounts can be achieved.
Description
Technical field
The present invention relates to information security field.More specifically, the present invention relates to a kind of system and method for the protection of account safety.
Background technology
Mobile terminal (for example mobile phone), as the very high electronic product of every day use frequency, often can be used various mobile application (such as mobile-phone payment, mobile phone shopping, mobile phone speculation in stocks, mobile phone chats, mobile phone games etc.).Use these application conventionally need to input account and password.For user, protection account and password seem particularly important.
Yet current mobile antivirus software only attempts to prevent that software in mobile terminal from, not by infection such as virus or wooden horses, cannot provide the protection for high value software.For example, in prior art, there is not the technology that the account that for example banking software, payment software, social chat software and Games Software carry out is carried out to real-time guard.
Summary of the invention
In order to address the above problem, the invention provides a kind of system and method that can protect in real time account safety.
Particularly, according to the first scheme of the present invention, provide a kind of mobile terminal, having comprised: request unit, is configured to: when mounted specific software is activated on mobile terminal, to the characteristic information of specific software described in server request; Judging unit, is configured to: from server, receive the characteristic information of described specific software, and judge according to described characteristic information whether described specific software is copyrighted software; And detecting unit, be configured to: if described specific software is copyrighted software, Sampling network environment and mobile terminal safety whether.
In one embodiment, the characteristic information of described specific software comprises official's software name of described specific software and corresponding software PKI.Described judging unit is configured to: by official's software name of described specific software and corresponding software PKI are contrasted with the software name of described specific software on mobile terminal and corresponding software PKI, judge whether described specific software is copyrighted software.
In one embodiment, described detecting unit is configured to: detect whether safety of GPRS network and/or WIFI network.
In one embodiment, described detecting unit is configured to: detect on mobile terminal whether have wooden horse software.
In one embodiment, described detecting unit is also configured to: if network environment detected and/or mobile terminal is unsafe, the user to mobile terminal sends prompting.
In one embodiment, described specific software comprise following at least one: banking software, payment software, social software and Games Software.
According to alternative plan of the present invention, a kind of server is provided, comprising: receiving element, is configured to: from mobile terminal, receive the request to the characteristic information of mounted specific software mobile terminal; And transmitting element, be configured to: the characteristic information that sends described specific software to mobile terminal.
In one embodiment, the characteristic information of described specific software comprises official's software name of described specific software and corresponding software PKI.
In one embodiment, described specific software comprise following at least one: banking software, payment software, social software and Games Software.
According to third party's case of the present invention, a kind of method of being carried out by mobile terminal is provided, comprising: when on mobile terminal, mounted specific software is activated, to the characteristic information of specific software described in server request; From server, receive the characteristic information of described specific software, and judge according to described characteristic information whether described specific software is copyrighted software; And if described specific software is copyrighted software, Sampling network environment and mobile terminal safety whether.
In one embodiment, the characteristic information of described specific software comprises official's software name of described specific software and corresponding software PKI.By official's software name of described specific software and corresponding software PKI are contrasted with the software name of described specific software on mobile terminal and corresponding software PKI, judge whether described specific software is copyrighted software.
In one embodiment, detect whether safety of GPRS network and/or WIFI network.
In one embodiment, detect on mobile terminal whether have wooden horse software.
In one embodiment, if network environment detected and/or mobile terminal is unsafe, the user to mobile terminal sends prompting.
In one embodiment, described specific software comprise following at least one: banking software, payment software, social software and Games Software.
According to cubic case of the present invention, a kind of method of being carried out by server is provided, comprising: from mobile terminal, receive the request to the characteristic information of mounted specific software mobile terminal; And the characteristic information that sends described specific software to mobile terminal.
In one embodiment, the characteristic information of described specific software comprises official's software name of described specific software and corresponding software PKI.
In one embodiment, described specific software comprise following at least one: banking software, payment software, social software and Games Software.
Adopt the present invention, can when user starts account software, detect immediately on current network environment and mobile terminal whether have wooden horse software, realized the real-time guard to software account.
Accompanying drawing explanation
By below in conjunction with accompanying drawing explanation the preferred embodiments of the present invention, will make of the present invention above-mentioned and other objects, features and advantages are clearer, wherein:
Fig. 1 shows the block diagram of mobile terminal according to an embodiment of the invention.
Fig. 2 shows the block diagram of server according to an embodiment of the invention.
Fig. 3 shows the flow chart of the method for being carried out by mobile terminal according to an embodiment of the invention.
Fig. 4 shows the flow chart of the method for being carried out by server according to an embodiment of the invention.
In institute of the present invention drawings attached, same or analogous structure is all with same or analogous designated.
Embodiment
To a preferred embodiment of the present invention will be described in detail, in description process, having omitted is unnecessary details and function for the present invention with reference to the accompanying drawings, to prevent that the understanding of the present invention from causing, obscures.
Fig. 1 shows the block diagram of mobile terminal according to an embodiment of the invention.As shown in Figure 1, mobile terminal 10 comprises request unit 110, judging unit 120 and detecting unit 130.Below, each assembly of the mobile terminal 10 shown in Fig. 1 is described in detail.
Detecting unit 130 is configured to: if specific software is copyrighted software, and Sampling network environment and mobile terminal safety whether.For example, detecting unit 130 can be configured to detect whether safety of GPRS network and/or WIFI network, and detects on mobile terminal whether have wooden horse software.Alternatively, detecting unit 130 can also be configured to: if network environment detected and/or mobile terminal is unsafe, the user to mobile terminal sends prompting.
Fig. 2 shows the block diagram of server according to an embodiment of the invention.As shown in Figure 2, server 20 comprises receiving element 210 and transmitting element 220.
Receiving element 210 is configured to receive the request to the characteristic information of mounted specific software mobile terminal from mobile terminal.As described above, this specific software for example can comprise following at least one: banking software, payment software, social software and Games Software.In addition, the characteristic information of specific software for example can comprise official's software name of specific software and corresponding software PKI.
Transmitting element 220 is configured to send to mobile terminal the characteristic information of specific software.
Below, by an example, describe the mutual operation process of the server 20 shown in the mobile terminal 10 shown in Fig. 1 and Fig. 2 in detail.
First, user starts the software of installing on mobile terminal 10, for example payment software.Now, request unit 110 is to the characteristic information of server 20 these payment software of request.The receiving element 210 of server 20 receives the request to the characteristic information of this payment software from mobile terminal 10, thereby the transmitting element 220 of server 20 sends the characteristic information (for example official's software name and corresponding software PKI) of this payment software to mobile terminal.
Then, the judging unit 120 of mobile terminal 10 receives the characteristic information of this payment software from server 20, and judges according to characteristic information whether it is copyrighted software.
If judge that this payment software is copyrighted software, the detecting unit 130 Sampling network environment of mobile terminal 10 and mobile terminal safety whether so.Now, on the display interface of mobile terminal 10, can eject dialog box, prompting user its just at Sampling network environment and mobile terminal.When Sampling network environment, for example, can detect GRPS network and WIFI network.For example, when WIFI network does not have password, can point out this WIFI network of user may have potential safety hazard.In addition, if find wooden horse software on mobile terminal, also can point out the user should this wooden horse software of killing.
If detecting unit 130 determines that network environment or mobile terminal itself are unsafe, should point out user's current network environment to have potential safety hazard.
If detecting unit 130 determines that network environment and mobile terminal are safe, can on mobile terminal 10, show Network Access Point and the IP address of this payment software, enter subsequently this payment software and use.
Adopt the present embodiment, can when user starts specific software, detect immediately on current network environment and mobile terminal whether have wooden horse software, realized the real-time guard to software account.
Fig. 3 shows the flow chart of the method 30 of being carried out by mobile terminal according to an embodiment of the invention.As shown in Figure 3, method 30 starts at step S310 place.
At step S320 place, when on mobile terminal, mounted specific software is activated, to the characteristic information of specific software described in server request.This specific software for example can comprise following at least one: banking software, payment software, social software and Games Software.In addition, the characteristic information of specific software for example can comprise official's software name of specific software and corresponding software PKI.
At step S330 place, from server, receive the characteristic information of described specific software, and judge according to described characteristic information whether described specific software is copyrighted software.For example, if the characteristic information of specific software comprises official's software name of specific software and corresponding software PKI, can, by official's software name of specific software and corresponding software PKI are contrasted with the software name of specific software on mobile terminal and corresponding software PKI, judge whether specific software is copyrighted software so.
If be copyrighted software in the described specific software of step S330 place judgement, in step S340 place Sampling network environment and mobile terminal safety whether.For example, can detect whether safety of GPRS network and/or WIFI network, and detect on mobile terminal whether have wooden horse software.Alternatively, if network environment detected and/or mobile terminal is unsafe, can send prompting to the user of mobile terminal.
Finally, method 30 finishes at step S350 place.
Fig. 4 shows the flow chart of the method 40 of being carried out by server according to an embodiment of the invention.As shown in Figure 4, method 40 starts at step S410 place.
At step S420 place, from mobile terminal, receive the request to the characteristic information of mounted specific software mobile terminal.This specific software for example can comprise following at least one: banking software, payment software, social software and Games Software.In addition, the characteristic information of specific software for example can comprise official's software name of specific software and corresponding software PKI.
At step S430 place, to mobile terminal, send the characteristic information of described specific software.
Finally, method 40 finishes at step S440 place.
Should be appreciated that, the above embodiment of the present invention can realize by both combinations of software, hardware or software and hardware.For example, various assemblies in server 20 shown in mobile terminal 10 shown in Fig. 1 and Fig. 2 can be realized by multiple device, these devices include but not limited to: analog circuit, digital circuit, general processor, Digital Signal Processing (DSP) circuit, programmable processor, application-specific integrated circuit (ASIC) (ASIC), field programmable gate array (FPGA), programmable logic device (CPLD), etc.In addition, the mode that the various assemblies in the server 20 shown in the mobile terminal 10 shown in Fig. 1 and Fig. 2 also can combine by hardware and software realizes, or with the form of software, realizes completely.
In addition, those skilled in the art will appreciate that the data of describing in the embodiment of the present invention can be stored in local data base, also can be stored in distributed data base or can be stored in remote data base.
In addition, embodiments of the invention disclosed herein can be realized on computer program.More specifically, this computer program is following a kind of product: have computer-readable medium, on computer-readable medium, coding has computer program logic, and when carrying out on computing equipment, this computer program logic provides relevant operation to realize technique scheme of the present invention.While carrying out at least one processor at computing system, computer program logic makes the operation (method) described in the processor execution embodiment of the present invention.This set of the present invention is typically provided as and arranges or be coded in such as the software on the computer-readable medium of light medium (such as CD-ROM), floppy disk or hard disk etc., code and/or other data structures or such as other media or the Downloadable software image in one or more module, the shared data bank etc. of the firmware on one or more ROM or RAM or PROM chip or microcode.Software or firmware or this configuration can be arranged on computing equipment, so that the one or more processors in computing equipment are carried out the described technical scheme of the embodiment of the present invention.
So far invention has been described in conjunction with the preferred embodiments.Should be appreciated that, those skilled in the art without departing from the spirit and scope of the present invention, can carry out various other change, replacement and interpolations.Therefore, scope of the present invention is not limited to above-mentioned specific embodiment, and should be limited by claims.
Claims (18)
1. a mobile terminal, comprising:
Request unit, is configured to: when on mobile terminal, mounted specific software is activated, to the characteristic information of specific software described in server request;
Judging unit, is configured to: from server, receive the characteristic information of described specific software, and judge according to described characteristic information whether described specific software is copyrighted software; And
Detecting unit, is configured to: if described specific software is copyrighted software, and Sampling network environment and mobile terminal safety whether.
2. mobile terminal according to claim 1, wherein,
The characteristic information of described specific software comprises official's software name of described specific software and corresponding software PKI; And
Described judging unit is configured to: by official's software name of described specific software and corresponding software PKI are contrasted with the software name of described specific software on mobile terminal and corresponding software PKI, judge whether described specific software is copyrighted software.
3. mobile terminal according to claim 1, wherein, described detecting unit is configured to: detect whether safety of GPRS network and/or WIFI network.
4. mobile terminal according to claim 1, wherein, described detecting unit is configured to: detect on mobile terminal whether have wooden horse software.
5. mobile terminal according to claim 1, wherein, described detecting unit is also configured to: if network environment detected and/or mobile terminal is unsafe, the user to mobile terminal sends prompting.
6. mobile terminal according to claim 1, wherein, described specific software comprise following at least one: banking software, payment software, social software and Games Software.
7. a server, comprising:
Receiving element, is configured to: from mobile terminal, receive the request to the characteristic information of mounted specific software mobile terminal; And
Transmitting element, is configured to: the characteristic information that sends described specific software to mobile terminal.
8. server according to claim 7, wherein, the characteristic information of described specific software comprises official's software name of described specific software and corresponding software PKI.
9. server according to claim 7, wherein, described specific software comprise following at least one: banking software, payment software, social software and Games Software.
10. a method of being carried out by mobile terminal, comprising:
When on mobile terminal, mounted specific software is activated, to the characteristic information of specific software described in server request;
From server, receive the characteristic information of described specific software, and judge according to described characteristic information whether described specific software is copyrighted software; And
If described specific software is copyrighted software, Sampling network environment and mobile terminal safety whether.
11. methods according to claim 10, wherein,
The characteristic information of described specific software comprises official's software name of described specific software and corresponding software PKI; And
By official's software name of described specific software and corresponding software PKI are contrasted with the software name of described specific software on mobile terminal and corresponding software PKI, judge whether described specific software is copyrighted software.
12. methods according to claim 10, wherein, detect whether safety of GPRS network and/or WIFI network.
13. methods according to claim 10, wherein, detect on mobile terminal whether have wooden horse software.
14. methods according to claim 10, wherein, if network environment detected and/or mobile terminal is unsafe, the user to mobile terminal sends prompting.
15. methods according to claim 10, wherein, described specific software comprise following at least one: banking software, payment software, social software and Games Software.
16. 1 kinds of methods of being carried out by server, comprising:
From mobile terminal, receive the request to the characteristic information of mounted specific software mobile terminal; And
To mobile terminal, send the characteristic information of described specific software.
17. methods according to claim 16, wherein, the characteristic information of described specific software comprises official's software name of described specific software and corresponding software PKI.
18. methods according to claim 16, wherein, described specific software comprise following at least one: banking software, payment software, social software and Games Software.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310628750.9A CN103595731A (en) | 2013-11-29 | 2013-11-29 | System and method for protecting account security |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310628750.9A CN103595731A (en) | 2013-11-29 | 2013-11-29 | System and method for protecting account security |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103595731A true CN103595731A (en) | 2014-02-19 |
Family
ID=50085713
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310628750.9A Pending CN103595731A (en) | 2013-11-29 | 2013-11-29 | System and method for protecting account security |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103595731A (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103886253A (en) * | 2014-03-26 | 2014-06-25 | 香港中文大学深圳研究院 | Data leakage detection method, device and system |
| CN104021339A (en) * | 2014-06-10 | 2014-09-03 | 北京奇虎科技有限公司 | Safety payment method and device for mobile terminal |
| WO2016165674A1 (en) * | 2015-10-21 | 2016-10-20 | 中兴通讯股份有限公司 | Trusted environment operating method and device for terminal |
| CN106096450A (en) * | 2016-06-21 | 2016-11-09 | 依偎科技(南昌)有限公司 | A kind of application program freezing method and mobile terminal |
| CN106204003A (en) * | 2015-04-29 | 2016-12-07 | 阿里巴巴集团控股有限公司 | The safe transfer method of virtual resource, Apparatus and system |
| CN108600162A (en) * | 2018-03-13 | 2018-09-28 | 江苏通付盾科技有限公司 | User authen method and device, computing device and computer storage media |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101571899A (en) * | 2009-06-04 | 2009-11-04 | 北京握奇数据系统有限公司 | Smart device software anti-theft version method and device |
| CN102148831A (en) * | 2011-04-01 | 2011-08-10 | 奇智软件(北京)有限公司 | Method and system for safely controlling terminal application |
| CN102685139A (en) * | 2012-05-21 | 2012-09-19 | 中国联合网络通信集团有限公司 | Network software authentication method and device |
| CN102843681A (en) * | 2012-08-15 | 2012-12-26 | 腾讯科技(深圳)有限公司 | Information interaction method and information interaction device |
| CN102891843A (en) * | 2012-09-18 | 2013-01-23 | 北京深思洛克软件技术股份有限公司 | Method for authorizing application program at android client side through local service unit |
-
2013
- 2013-11-29 CN CN201310628750.9A patent/CN103595731A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101571899A (en) * | 2009-06-04 | 2009-11-04 | 北京握奇数据系统有限公司 | Smart device software anti-theft version method and device |
| CN102148831A (en) * | 2011-04-01 | 2011-08-10 | 奇智软件(北京)有限公司 | Method and system for safely controlling terminal application |
| CN102685139A (en) * | 2012-05-21 | 2012-09-19 | 中国联合网络通信集团有限公司 | Network software authentication method and device |
| CN102843681A (en) * | 2012-08-15 | 2012-12-26 | 腾讯科技(深圳)有限公司 | Information interaction method and information interaction device |
| CN102891843A (en) * | 2012-09-18 | 2013-01-23 | 北京深思洛克软件技术股份有限公司 | Method for authorizing application program at android client side through local service unit |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103886253A (en) * | 2014-03-26 | 2014-06-25 | 香港中文大学深圳研究院 | Data leakage detection method, device and system |
| CN103886253B (en) * | 2014-03-26 | 2018-01-19 | 香港中文大学深圳研究院 | A kind of method, equipment and system for detecting data leak |
| CN104021339A (en) * | 2014-06-10 | 2014-09-03 | 北京奇虎科技有限公司 | Safety payment method and device for mobile terminal |
| CN106204003A (en) * | 2015-04-29 | 2016-12-07 | 阿里巴巴集团控股有限公司 | The safe transfer method of virtual resource, Apparatus and system |
| WO2016165674A1 (en) * | 2015-10-21 | 2016-10-20 | 中兴通讯股份有限公司 | Trusted environment operating method and device for terminal |
| CN106612504A (en) * | 2015-10-21 | 2017-05-03 | 中兴通讯股份有限公司 | Method and device for running terminal in trusted environment |
| CN106096450A (en) * | 2016-06-21 | 2016-11-09 | 依偎科技(南昌)有限公司 | A kind of application program freezing method and mobile terminal |
| CN108600162A (en) * | 2018-03-13 | 2018-09-28 | 江苏通付盾科技有限公司 | User authen method and device, computing device and computer storage media |
| CN108600162B (en) * | 2018-03-13 | 2021-04-30 | 江苏通付盾科技有限公司 | User authentication method and device, computing equipment and computer storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104468249B (en) | Account abnormity detection method and device | |
| CN103595731A (en) | System and method for protecting account security | |
| CN104426885B (en) | Abnormal account providing method and device | |
| EP2852913B1 (en) | Method and apparatus for determining malicious program | |
| CN105591743B (en) | Method and device for identity authentication through equipment operation characteristics of user terminal | |
| CN104052722A (en) | Web address security detection method, apparatus and system | |
| CN104348809A (en) | Network security monitoring method and system | |
| US20150350193A1 (en) | Authentication information theft detection method, authentication information theft detection device, and computer-readable recording medium storing program for the same | |
| CN111711617A (en) | Method and device for detecting web crawler, electronic equipment and storage medium | |
| CN102523223A (en) | Trojan detection method and apparatus thereof | |
| CN104080058A (en) | Information processing method and device | |
| CN105095758B (en) | Screen locking applied program processing method, device and mobile terminal | |
| CN103984697A (en) | Barcode information processing method, device and system | |
| CN104580108A (en) | Information prompting method and system as well as server | |
| CN103795684A (en) | Method and system for preventing transparent window virus from stealing account password of instant messaging tool | |
| US10528744B2 (en) | Detecting security vulnerabilities on computing devices | |
| CN108494749B (en) | Method, device and equipment for disabling IP address and computer readable storage medium | |
| CN105830079A (en) | Authentication information management system, authentication information management device, program, recording medium, and authentication information management method | |
| KR101206086B1 (en) | Sytstem and method for protecting phishing by authenticaion of calling number | |
| CN104660480B (en) | A kind of method, apparatus and system of account number abnormality processing | |
| US20180041540A1 (en) | Method to detect and protect against remote control | |
| CN108989298A (en) | A kind of equipment safety monitoring method and device | |
| CN114205110B (en) | AD domain threat detection method and device and electronic equipment | |
| CN103200246B (en) | A kind of method for network access control based on trust computing and system | |
| CN111030982B (en) | Strong management and control method, system and storage medium for confidential files |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20140219 |
|
| WD01 | Invention patent application deemed withdrawn after publication |